<?php session_start(); ?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>GOEIP System</title>
</head>
<body>
Auth Login<br />
<form method="post" action="index.php?p=<?php $ra = rand();$p=md5($ra); echo $p; ?>">
Username :
<input type="text" name="username" maxlength="12"/><br />
Password :
<input type="password" name="pass" maxlength="40"/><br />
<input type="submit" name="submit" value="Send"/>
</form>
</form>
</body>
</html>
<?php
require_once("config.php");
require_once("DB_class.php");
@$p = $_REQUEST['p'];
@$user = $_REQUEST['username'];
@$pass = $_REQUEST['pass'];
@$ip = $_SERVER['REMOTE_ADDR'];
$time = date('YmdHis');
if (! empty($p))
{
    if (empty($user))
    {
        die('Username is NULL');
    }elseif (! ctype_alnum($user))
    {
        die('Username format Error');
    }
    
    if (empty($pass))
    {
        die('Password is NULL');
    }elseif (! ctype_alnum($pass))
    {
        die('Password format Error');
    }
    
    /*Use DB_c Class Get Function($);*/
    $db = new DB_c();
    $db->db_connect($_DB['host'], $_DB['username'], $_DB['password'], $_DB['dbname']);
    $db->query("SELECT username,password FROM users where username='$user' and password=password('$pass')");
    $getv = $db->fetch_array();
    if (empty($getv['username']) && empty($getv['password']))
        die('Username or Password Error');
    if (! empty($getv['username']) && ! empty($getv['password']))
        $_SESSION['username'] = $user;
        
    if (! empty($_SESSION['username']))
    {
        $insys='1';
        $db->db_connect($_DB['host'], $_DB['username'], $_DB['password'], $_DB['dbname']);
        $db->insert("INSERT INTO session (username, session_code, date, login, login_ip) VALUES('$user', '$p', $time , '$insys', '$ip')");
        
    }
    
    /*Query login_auth table auth user logining?*/
    $db->query("SELECT login FROM session WHERE username='$user'");
    $getauthv = $db->fetch_array();
    if (empty($getauthv['login']))
    {
        exit('Please use Web Auth Login System');
    }
    echo('Login System');
}
?>